package com.yimils.core.sys.controller;



import com.yimils.core.common.dto.RspBase;
import com.yimils.core.common.dto.SysCode;
import com.yimils.core.sys.dto.ReqLogin;
import com.yimils.core.sys.entity.UserEntity;
import com.yimils.core.sys.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.util.ByteSource;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;

/**
 * 系统登录
 */
@RestController
public class CoreLoginController {
    @Resource(name = "userService")
    private UserService userService;

    @GetMapping("/login")
    public RspBase login() {
        return RspBase.CODE(SysCode.LOGIN_REDIR);
    }

    /**
     * showdoc
     *
     * @return {"code":0,"msg":"登录成功","menus":[{"icon":null,"name":"客户管理","path":null,"key":"cst","children":[{"icon":null,"name":"客户列表","path":null,"key":"info","children":[]}]}],"permissions":["cst:info:add","cst:info:remove","cst:info:update","cst:info:view"]}
     * @catalog 系统管理/用户管理
     * @title 用户登录
     * @description 前端密码传参须MD5加密
     * @method post
     * @url /login
     * @json_param {"username":"testadmin","password":"5050c06487a946899ea12ef74a09289a"}
     * @return_param code   Integer   状态码
     * @return_param msg   String    消息
     * @return_param menus   Array    用户菜单
     * @return_param permissions   Array   用户权限
     * @remark 登录失败返回405状态码
     * @number 2
     */
    @PostMapping("/login")
    public RspBase login(@RequestBody ReqLogin params) {
        //backend encryption
        String salt = userService.getUserSalt(params.getUsername());
        String password = new SimpleHash("SHA-256", params.getPassword(), ByteSource.Util.bytes(salt), 88).toHex();

        UsernamePasswordToken token = new UsernamePasswordToken(params.getUsername(), password);
        if (!SecurityUtils.getSubject().isAuthenticated()) {
            SecurityUtils.getSubject().login(token);
        }
        if (!SecurityUtils.getSubject().isAuthenticated()) {
            throw new AuthenticationException();
        }

        UserEntity userEntity = (UserEntity) SecurityUtils.getSubject().getPrincipal();
        RspBase rsp = RspBase.OK("登录成功");
        rsp.put("menus", userEntity.getUserMenu().getMenuList());
        rsp.put("permissions", userEntity.getPermissions());
        rsp.put("userInfo", userEntity);
        System.out.println("login 登录成功");
        return rsp;
    }

    /**
     * showdoc
     *
     * @return {"code":0,"msg":""}
     * @catalog 系统管理/用户管理
     * @title 用户登出
     * @description
     * @method post
     * @url /logout
     * @return_param code   Integer   状态码
     * @return_param msg   String    消息
     * @remark 确保cookie JSESSIONID和登录返回的一致
     * @number 3
     */
    @PostMapping("/logout")
    public RspBase logout() {
        SecurityUtils.getSubject().logout();
        return RspBase.OK();
    }
}
